When executing applications on a computer, an application often requires users to authenticate themselves before performing any actions, to prevent unauthorized access. For example, a user may have to provide identification with a user name and password, a serial number for the software being installed, or a personal identification number (PIN). Further, depending on where the client/user is located, different authentication may be required. For example, if a user is logging onto a network at the user's office, a username and password may be required. But if the user is logging onto the office network from home, an additional username and password may be required (or a different mechanism may be required).
One solution involves a single sign-on scheme that allows a user to authenticate once and gain access to the resources of multiple computing systems. A user attempting to log in to a relying party (RP) server is redirected to an identity provider (IDP) server for authentication. However, such a single sign-on scheme is vulnerable to "man in the middle" attacks because each web site visited controls the redirection. For example, a web site may redirect to itself, or to a malicious party, which then proxies the conversation between the user-agent and the IDP server. Username and password schemes, and other forms of authentication that send the raw credentials on the wire, are vulnerable to having those credentials appropriated by malicious sites, since the user-agent submits them to whatever endpoint the redirect names.
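The redirect-controlled proxy attack described above, modelled as an added example (this is illustrative code, not part of the original text or of any product it describes). The host names, the user record, the message shapes and the user-agent behaviour are all assumptions. An honest RP redirects the user-agent to the IDP; a malicious RP redirects it to an attacker endpoint that records the raw username and password and then relays them to the real IDP, so the login still succeeds and the user sees nothing unusual. A third run shows, for contrast, a user-agent that will only submit credentials to a pre-known IDP origin, which is a generic countermeasure assumed here and not a technique the text proposes.

```python
"""Toy model of redirect-based single sign-on and of the redirect-controlled
proxy ("man in the middle") attack. Constructed example for illustration;
host names, users and the user-agent model are assumptions."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

IDP_ORIGIN = "https://idp.example"          # assumed honest identity provider
EVIL_ORIGIN = "https://idp-login.example"   # assumed attacker-controlled host


@dataclass
class IdentityProvider:
    """Accepts a username/password and returns a bearer assertion on success."""
    users: Dict[str, str]                    # username -> password (toy only)

    def authenticate(self, username: str, password: str) -> Optional[str]:
        if self.users.get(username) == password:
            return f"assertion:{username}"
        return None


@dataclass
class MitmProxy:
    """Attacker endpoint: records the raw credentials, then relays them to the
    real IDP so the login still succeeds and the user notices nothing."""
    upstream: IdentityProvider
    captured: list = field(default_factory=list)

    def authenticate(self, username: str, password: str) -> Optional[str]:
        self.captured.append((username, password))
        return self.upstream.authenticate(username, password)


@dataclass
class RelyingParty:
    """The RP alone chooses where the user-agent is redirected; nothing forces
    that target to be the legitimate IDP."""
    redirect_target: str

    def begin_login(self) -> str:
        return self.redirect_target


@dataclass
class UserAgent:
    username: str
    password: str
    network: Dict[str, object]              # origin -> endpoint receiving the POST
    pinned_idp: Optional[str] = None        # set to require a known IDP origin

    def login(self, rp: RelyingParty) -> Tuple[str, Optional[str]]:
        """Follow the RP's redirect and submit raw credentials to whatever
        answers there. Returns (where the credentials went, assertion or None)."""
        target = rp.begin_login()
        if self.pinned_idp is not None and target != self.pinned_idp:
            return ("refused", None)
        endpoint = self.network[target]
        return (target, endpoint.authenticate(self.username, self.password))


def build_world():
    """Constructed test world: one IDP, one attacker proxy in front of it."""
    idp = IdentityProvider(users={"alice": "correct horse"})
    proxy = MitmProxy(upstream=idp)
    network = {IDP_ORIGIN: idp, EVIL_ORIGIN: proxy}
    return idp, proxy, network


def honest_flow():
    """Honest RP: redirect goes straight to the IDP, nothing is captured."""
    _, proxy, network = build_world()
    ua = UserAgent("alice", "correct horse", network)
    went_to, assertion = ua.login(RelyingParty(redirect_target=IDP_ORIGIN))
    return went_to, assertion, list(proxy.captured)


def mitm_flow():
    """Malicious RP: redirect goes to the proxy, which captures the password
    and still hands back a valid assertion."""
    _, proxy, network = build_world()
    ua = UserAgent("alice", "correct horse", network)
    went_to, assertion = ua.login(RelyingParty(redirect_target=EVIL_ORIGIN))
    return went_to, assertion, list(proxy.captured)


def pinned_flow():
    """Same attack against a user-agent that only submits credentials to a
    pre-known IDP origin (generic countermeasure, assumed for contrast)."""
    _, proxy, network = build_world()
    ua = UserAgent("alice", "correct horse", network, pinned_idp=IDP_ORIGIN)
    went_to, assertion = ua.login(RelyingParty(redirect_target=EVIL_ORIGIN))
    return went_to, assertion, list(proxy.captured)


if __name__ == "__main__":
    print("honest:", honest_flow())
    print("mitm:  ", mitm_flow())
    print("pinned:", pinned_flow())
```

The point the model makes concrete is that the user-agent cannot tell the two successful logins apart: both return the same assertion, but in the second run the attacker now holds the reusable password. The pinned run only refuses because the user-agent brings its own knowledge of the IDP origin instead of trusting the RP's redirect.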